Wireshark

Wireshark is one of the world's foremost network protocol analyzers, and is the standard in many parts of the industry. It is the continuation of a project that started in 1998. Hundreds of developers around the world have contributed to it, and it it still under active development.

Wireshark has a rich feature set which includes the following:

• Standard three-pane packet browser
• Multi-platform: Runs on Windows, Linux, OS X, Solaris, FreeBSD, NetBSD, and many others
• Multi-interface: Along with a standard GUI, Wireshark includes TShark, a text-mode analyzer which is useful for remote capture, analysis, and scripting
• The most powerful display filters in the industry
• VoIP analysis
• Live capture and offline analysis are supported
• Read/write many different capture file formats: tcpdump (libpcap), NAI's Sniffer (compressed and uncompressed), Sniffer Pro, NetXray, Sun snoop and atmsnoop, Shomiti/Finisar Surveyor, AIX's iptrace, Microsoft's Network Monitor, Novell's LANalyzer, RADCOM's WAN/LAN Analyzer, HP-UX nettl, i4btrace from the ISDN4BSD project, Cisco Secure IDS iplog, the pppd log (pppdump-format), the AG Group's/WildPacket's EtherPeek/TokenPeek/AiroPeek, Visual Networks' Visual UpTime and many others
• Capture files compressed with gzip can be decompressed on the fly
• Hundreds of protocols are supported, with more being added all the time
• Coloring rules can be applied to the packet list, which eases analysis

New:

• The macOS installer now ships with Qt 5.12.4. It previously shipped with Qt 5.12.1

Bug Fixes:

• wnpa-sec-2019-20[1] ASN.1 BER and related dissectors crash. Bug 15870[2]. CVE-2019-13619[3]
• "ninja install" installs help/faq.py instead of help/faq.txt. Bug 15543[4]
• In Wireshark 3.0, encrypted DOCSIS PDU packets no longer match the filter "eth.dst". Bug 15731[5]
• Developer’s Guide section 3.9 "Contribute your changes" should incorporate or link "Writing a good commit message" from the Wiki. Bug 15752[6]
• RSL dissector bugs in presence of optional IEs. Bug 15789[7]
• The "Media Attribute Value" field is missed in rtcp SDP dissection (packet-sdp.c). Bug 15791[8]
• BTLE doesn’t properly detect start fragment of L2CAP PDUs. Bug 15807[9]
• Wi-SUN FAN decoder error, Channel Spacing and Reserved fields are swapped. Bug 15821[10]
• tshark: Display filter error message references "-d" when it should reference "-Y". Bug 15825[11]
• Open "protocol" preferences …​ does not work for protocol in subtree. Bug 15836[12]
• Problems with sshdump "Error by extcap pipe: sh: sudo: command not found". Bug 15845[13]
• editcap won’t change encapsulation type when writing pcap format. Bug 15873[14]
• ITU-T G.8113.1 MPLS-TP OAM CC,LMM,LMR,DMM and DMR are not seen in the 3.0.2. Bug 15887[15]

Updated Protocol Support:

• AERON, ASN.1, BTLE, CUPS, DNS, DOCSIS, DPNSS, GSM RLC/MAC, HiQnet, ISO 14443, ISObus VT, LDAP, MAC LTE, MIME multipart, MPLS, MQ, RSL, SDP, SMB, TNEF, and Wi-SUN

New and Updated Capture File Support:

• Ascend